﻿using System;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using WpfApp1.Commons;
using WpfApp1.DataAccess.DataEntity;

/**
 * @Author 梁峰源
 * @Date 2021年7月23日15:58:25
 */
namespace WpfApp1.DataAccess
{
    /**
     * 饿汉式单例设计，未加线程锁，多线程下不安全
     *
     */
    public class LocalDataAccess
    {
        private static LocalDataAccess instance;
        private LocalDataAccess(){}
        public static LocalDataAccess GetInstance()
        {
            return instance ?? (instance= new LocalDataAccess());
        }
        SqlConnection conn;
        SqlCommand comm;
        SqlDataAdapter adapter;

        public  void Dispose()
        {
            if (null != adapter)
            {
                adapter.Dispose();
                adapter = null;
            }
            if (null != comm)
            {
                comm.Dispose();
                comm = null;
            }
            if (null != conn)
            {
                conn.Close();
                conn.Dispose();
                conn = null;
            }
        }

        public bool DBConnection()
        {
            string connStr = ConfigurationManager.ConnectionStrings["db"].ConnectionString;
            if (conn == null)
                conn = new SqlConnection(connStr);

            SqlCommand command = conn.CreateCommand();
            try
            {
                conn.Open();
                return true;
            }
            catch
            {
                
                return false;
                
            }

        }
        public UserEntity CheckUserInfo(string UserName,string Password)
        {
            try
            {

                if (DBConnection())
                {
                    //预编译防止SQL注入
                    string userSql = "select * from users where user_name=@user_name and password=@pwd and is_valication=1";
                    adapter = new SqlDataAdapter(userSql, conn);
                    adapter.SelectCommand.Parameters.Add(new SqlParameter("@user_name", SqlDbType.VarChar)
                    {
                        
                         Value = UserName
                    });
                    adapter.SelectCommand.Parameters.Add(new SqlParameter("@pwd", SqlDbType.VarChar)
                    {
                        //采用对Password + "@" + UserName字段进行MD5加密，使得每个密码都独一无二
                        Value = MD5Provider.GetMD5String(Password + "@" + UserName)
                       
                }) ;
                    
                    DataTable table = new DataTable();
                    int count = adapter.Fill(table);//返回受影响的行数
                    if (count <= 0)
                    {
                        throw new Exception("用户名或密码不正确！");
                    }
                    DataRow dr = table.Rows[0];
                    if (dr.Field<Int32>("is_can_login") == 0)
                    {
                        throw new Exception("当前用户没有权限使用此平台");
                    }
                    UserEntity user = new UserEntity();
                    user.UserName = dr.Field<string>("user_name");
                    user.RealName = dr.Field<string>("real_name");
                    user.Password  = dr.Field<string>("password");//密码应进行MD5加密
                    user.Avatar = dr.Field<string>("avatar");
                    user.Gender = dr.Field<Int32>("gender");
                    return user;

                }
            }
            catch (Exception)
            {

                throw;
            }
            finally
            {
                this.Dispose();//关闭所有资源
            }
            return null;
        }
    }
}
